Numerous kernel vulnerabilities in Dell PowerProtect Data Manager closed
Dell's backup solution PowerProtect Data Manager is vulnerable to malware attacks, among other things. Security patches are available for download.
(Image: Tatiana Popova/Shutterstock.com)
Dell developers have primarily closed several vulnerabilities in various third-party components used by PowerProtect Data Manager. The Linux kernel is primarily affected.
Various security issues
As a warning message indicates, GnuPG, OpenSSL, and Vim are affected, among others. Spot checks show that the majority of the vulnerabilities are classified as "medium" threat level. However, there are also malware vulnerabilities in the kernel (e.g., CVE-2023-53572 "high").
Furthermore, vulnerabilities in the backup solution itself were also closed. For example, attackers who already have low user privileges can execute malware in two cases (CVE-2026-22266 "high", CVE-2026-22267 "high").
The developers assure that the security issues in Dell PowerProtect Data Manager 19.22.0-24 have been resolved. All previous versions are said to be vulnerable.
Videos by heise
Most recently, Dell closed countless vulnerabilities in Avamar, iDRAC, and NetWorker.
(des)
